Re: change request: python-hashlib install on builders
On Wed, 2009-01-28 at 22:44 -0800, Jesse Keating wrote: > Instead of rolling back yum, I'm attempting to replace bash's %post that > was in bash, and instead writing it in native lua. This will allow bash > to complete its %post without any external deps. If this works, I'll > create a F10 bash for dist-f10-override so that buildroots there will > init as well. > > To get the build done, I've reverted yum on ppc10 and x86-2, and > disabled every other builder. I'll re-enable things once we're able to > reliably create buildroots. This was successful. I've got new f10 and f11 repos with a fixed bash, and all builders have been re-enabled with the new yum. -- Jesse Keating Fedora -- Freedom² is a feature! identi.ca: http://identi.ca/jkeating signature.asc Description: This is a digitally signed message part ___ Fedora-infrastructure-list mailing list Fedora-infrastructure-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
Re: change request: python-hashlib install on builders
On Thu, 2009-01-29 at 00:05 -0800, Jesse Keating wrote: > On Wed, 2009-01-28 at 22:44 -0800, Jesse Keating wrote: > > Instead of rolling back yum, I'm attempting to replace bash's %post that > > was in bash, and instead writing it in native lua. This will allow bash > > to complete its %post without any external deps. If this works, I'll > > create a F10 bash for dist-f10-override so that buildroots there will > > init as well. > > > > To get the build done, I've reverted yum on ppc10 and x86-2, and > > disabled every other builder. I'll re-enable things once we're able to > > reliably create buildroots. > > This was successful. I've got new f10 and f11 repos with a fixed bash, > and all builders have been re-enabled with the new yum. Thanks, Jesse. -sv ___ Fedora-infrastructure-list mailing list Fedora-infrastructure-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
Introducing Myself
All, Having just requested access to the sysadmin and sysadmin-test groups on FAS and on the advice of David Nalley I thought I should introduce myself. I have been working with the docs team over the last week on the possibility of running the Zikula Application Framework as the CMS behind docs.fedoraproject.org. I am a member of the board of the Zikula Software Foundation and the Zikula Steering Committee, and I have been acting as the lead in discussions about how to best address the needs of the docs project on their website, and the needs of the Fedora project at large. My name is Simon Birtwistle, and I'm currently located in Cambridge in the UK. I am in the final year of studying for a degree in Computer Science at Cambridge University, and providing all goes well I'll be graduating in June. I've used Fedora on and off for years and years, though despite thinking about it I never got around to contributing. Most of my time is taken up with the Zikula project, where my work with the Steering Committee involves project management and day to day organisation, but I'm hoping that I can combine my work there with useful work on the Fedora websites where it's helpful. Skills wise, I am mainly a web developer, as you'd expect, with a good knowledge of PHP and MySQL. I also have experience with Java as well as C# .NET and some other less well known languages from my degree course. I have also used Docbook in the past for Zikula project documentation, so I at least have a vague idea where the docs project are coming from. I'm hoping that I, and Zikula as a project, will be able to provide a big boost to the docs project's publishing workflow. Simon ___ Fedora-infrastructure-list mailing list Fedora-infrastructure-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
Introduction Teb (Zikula / Documentation project)
Hi all, I have just subscribed to both the fedora-infrastructure-list and the fedora-docs-list to keep you (and myself) updated about the documentation project. My name is Arjen Tebbenhof, 32 years old and currently employed at AMB-IT / ChampionChip in the Netherlands as a (web) software engineer. In this function, I maintain a backend-portal for our clients, and I am responsible for planning and implementation in this specific field (using PHP and an Oracle DBMS). Before this, I owned a company specialized in delivering CMS solutions, but that never really got lucrative enough to make a living :) I have a Bachelors Degree in Econometrics and Operations Research, at the Erasmus University Rotterdam, The Netherlands. I am the current maintainer of the packaging environment for the Zikula Application Framework for the last year or so. Besides that, I am the team leader of the Dutch Zikula Community for the last five years, and maintain all dutch translations for the project. I never really contributed any code to the project, but behaved more as a sidekick between developers and the users, mainly providing support. I have basic knowledge of *nix systems, but have better specialties in PHP OOP, Databases, CVS/SVN repositories and packaging. For the Documentation Project, I will assist Simon and the rest of the newly involved list members with the new Fedora Docs portal. And therefore have applied to the sysadmin and sysadmin-test groups. Arjen (aka Teb) ___ Fedora-infrastructure-list mailing list Fedora-infrastructure-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
Re: Introducing Myself
Simon Birtwistle wrote: > > Having just requested access to the sysadmin and sysadmin-test groups on > FAS and on the advice of David Nalley I thought I should introduce > myself. I have been working with the docs team over the last week on > the possibility of running the Zikula Application Framework as the CMS > behind docs.fedoraproject.org. I am a member of the board of the Zikula > Software Foundation and the Zikula Steering Committee, and I have been > acting as the lead in discussions about how to best address the needs of > the docs project on their website, and the needs of the Fedora project > at large. > Welcome Simon! Since I've been working with docs as part of my Packaging Committee duties, I'll sponsor you for infrastructure work. I'm abadger1999 on irc.freenode.net if you need any help. As a team, we tend to talk a lot in #fedora-admin, keeping each other up to date on happenings, socialising, etc. We also have weekly meetings in #fedora-meeting on Thursday at 20:00 UTC where we summarise the weeks goings on and identify things we need to work on more. > > I’m hoping that I, and Zikula as a project, will be able to provide a > big boost to the docs project’s publishing workflow. > It sounds like docs is ready to get a test instance up and running. If you can make the meeting today to give us an update (near the end we have an open discussion session) that would be great. If not, catch us in #fedora-admin and we'll make sure you have what you need to get setup. -Toshio signature.asc Description: OpenPGP digital signature ___ Fedora-infrastructure-list mailing list Fedora-infrastructure-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
[Fwd: Re: CMS Option: Zikula]
I sent this to the docs list when they started considering Zikula. Now that we're setting up a test instance and getting some people on the infrastructure team to work on it it seems like a good point in time to forward it here. Original Message Date: Fri, 23 Jan 2009 16:55:03 -0800 From: Toshio Kuratomi To: fedora-docs-l...@redhat.com Paul W. Frields wrote: > I think we should also be considering the other major players in the > CMS game, if there are people available to deploy and maintain them. > Drupal and Joomla! immediately come to mind, the latter especially > because it actually has some DocBook XML support. Features aren't > particularly compelling, though, if we have no one around to help with > the maintenance. > One of the things I didn't know until I did some browsing around their website is that Zikula started off as PostNuke but that they changed the name in June. So they are a long term player in the CMS market. > None of this has any bearing on the quality of Zikula, which I'm sure > is excellent. > I was impressed by a few of the things I've learned since this morning :-) The answers to how proactive the security is was a nice change from the usual thoughts I've seen:: https://fedoraproject.org/wiki/Zikula_IRC_Chat_Interview#t12:20 Here's my naive search of cve.mitre.org for issues reported in 2008. Note that some people would say to exclude plugins from this but my view is that we're going to be running plugins as part of our deployment and we'll want to know if we can expand our capabilities by pulling in functionality via plugins without compromising security. So knowing this does a *little* towards understanding whether the Core provides an API for writing secure plugins and the plugin community is security minded as well as Core developers. And like I say, this is naive :-) 91 Joomla -- Lots of plugins a few in core 79 Drupal -- Lots of plugins a few in core 60 Wordpress -- Lots of plugins, a few in core 53 Mambo --Lots of plugins, at least one in core 4 zikula + postnuke -- 1 in Core, 3 in plugins 1 midgard 0 zikula 0 enano For reference, mediawiki, which we think has an acceptable security-to-benefit ratio had 8 vulnerabilities reported in 2008 using the same naive count. -Toshio signature.asc Description: OpenPGP digital signature ___ Fedora-infrastructure-list mailing list Fedora-infrastructure-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
Re: Introduction Teb (Zikula / Documentation project)
Teb (Zikula NL) wrote: > Hi all, > Hi Teb! > I have just subscribed to both the fedora-infrastructure-list and the > fedora-docs-list to keep you (and myself) updated about the > documentation project. > Excellent. > I am the current maintainer of the packaging environment for the Zikula > Application Framework for the last year or so. Besides that, I am the > team leader of the Dutch Zikula Community for the last five years, and > maintain all dutch translations for the project. I never really > contributed any code to the project, but behaved more as a sidekick > between developers and the users, mainly providing support. I have basic > knowledge of *nix systems, but have better specialties in PHP OOP, > Databases, CVS/SVN repositories and packaging. > > For the Documentation Project, I will assist Simon and the rest of the > newly involved list members with the new Fedora Docs portal. And > therefore have applied to the sysadmin and sysadmin-test groups. > I've sponsored you into both groups. Welcome to the Infrastructure team! I'll give you the same spiel I gave to Simon earlier. I'm abadger1999 on irc.freenode.net if you need any help. Since I've been working with docs in my Packaging Committee role, it seems natural to work with you guys for the infrastructure/docs needs. The infrastructure team tends to talk a lot in #fedora-admin, keeping each other up to date on happenings, socialising, etc. We also have weekly meetings in #fedora-meeting on Thursday at 20:00 UTC where we summarise the weeks goings on and identify things we need to work on more. Simon is going to be at this week's meeting so we can get a feel for what Zikula needs, what we have to give, and how we want to run it in production. You're welcome to stop by too if the meeting time works for you. Otherwise, stop on by #fedora-admin anytime. You're a part of the team now so welcome aboard. -Toshio signature.asc Description: OpenPGP digital signature ___ Fedora-infrastructure-list mailing list Fedora-infrastructure-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
CSI (Security Policy)
Hey all. I've placed our security policy CSI docs in a standard location now. Just a reminder: If you have shell access on any of our servers you need to be compliant with all of these rules by the end of March. Which should be plenty of time to get any oddities worked out. http://infrastructure.fedoraproject.org/csi/security-policy/en-US/ -Mike ___ Fedora-infrastructure-list mailing list Fedora-infrastructure-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
Introduction
Let me first apologize for what will inevitably be a stream of people introducing themselves for work on setting up Zikula. My name is David Nalley, and I am ke4qqq on IRC. Eric (sparks) has asked me to come work with the Zikula guys on getting things setup on Fedora's infrastructure. I work as a mainly Linux sysadmin in Liberty, SC and have done so for around 6-7 years now. The bulk of my work focusing on RHEL/CentOS 3-5. So as far as identifying what I want to work on, Ticket 1155 is I suppose my first priority, though I did tell Mike I'd volunteer to do some inventory-type stuff for him. I've applied for sysadmin and sysadmin-test for the time being. Let me know if there is more needed of me. ___ Fedora-infrastructure-list mailing list Fedora-infrastructure-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
Re: CSI (Security Policy)
On Thu, Jan 29, 2009 at 9:51 AM, Mike McGrath wrote: > Hey all. I've placed our security policy CSI docs in a standard location > now. Just a reminder: If you have shell access on any of our servers you > need to be compliant with all of these rules by the end of March. Which > should be plenty of time to get any oddities worked out. > > http://infrastructure.fedoraproject.org/csi/security-policy/en-US/ > >-Mike > > ___ > Fedora-infrastructure-list mailing list > Fedora-infrastructure-list@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list > Mike, This is probably nothing but there is a duplicate rule in your /etc/sysctl.conf. The line: net.ipv4.conf.all.accept_redirects = 0 appears twice. Frank ___ Fedora-infrastructure-list mailing list Fedora-infrastructure-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
Re: CSI (Security Policy)
On Thu, 29 Jan 2009, Frank Chiulli wrote: > On Thu, Jan 29, 2009 at 9:51 AM, Mike McGrath wrote: > > Hey all. I've placed our security policy CSI docs in a standard location > > now. Just a reminder: If you have shell access on any of our servers you > > need to be compliant with all of these rules by the end of March. Which > > should be plenty of time to get any oddities worked out. > > > > http://infrastructure.fedoraproject.org/csi/security-policy/en-US/ > > > >-Mike > > > > ___ > > Fedora-infrastructure-list mailing list > > Fedora-infrastructure-list@redhat.com > > https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list > > > > Mike, > This is probably nothing but there is a duplicate rule in your > /etc/sysctl.conf. The line: > > net.ipv4.conf.all.accept_redirects = 0 > > appears twice. > Thanks, fixed upstream and will be updated on the site soon. -Mike ___ Fedora-infrastructure-list mailing list Fedora-infrastructure-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
Re: CSI (Security Policy)
Mike, Where can we send corrections to it ? Thanks, Paulo On Thu, Jan 29, 2009 at 7:13 PM, Frank Chiulli wrote: > On Thu, Jan 29, 2009 at 9:51 AM, Mike McGrath wrote: > > Hey all. I've placed our security policy CSI docs in a standard location > > now. Just a reminder: If you have shell access on any of our servers you > > need to be compliant with all of these rules by the end of March. Which > > should be plenty of time to get any oddities worked out. > > > > http://infrastructure.fedoraproject.org/csi/security-policy/en-US/ > > > >-Mike > > > > ___ > > Fedora-infrastructure-list mailing list > > Fedora-infrastructure-list@redhat.com > > https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list > > > > Mike, > This is probably nothing but there is a duplicate rule in your > /etc/sysctl.conf. The line: > > net.ipv4.conf.all.accept_redirects = 0 > > appears twice. > > Frank > > ___ > Fedora-infrastructure-list mailing list > Fedora-infrastructure-list@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list > ___ Fedora-infrastructure-list mailing list Fedora-infrastructure-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
Re: CSI (Security Policy)
On Thu, 29 Jan 2009, Paulo Santos wrote: > Mike, > > Where can we send corrections to it ? > To me directly or to the csi mailing list: https://fedorahosted.org/mailman/listinfo/csi-devel -Mike > > Thanks, > Paulo > > On Thu, Jan 29, 2009 at 7:13 PM, Frank Chiulli > wrote: > On Thu, Jan 29, 2009 at 9:51 AM, Mike McGrath wrote: > > Hey all. I've placed our security policy CSI docs in a standard location > > now. Just a reminder: If you have shell access on any of our servers you > > need to be compliant with all of these rules by the end of March. Which > > should be plenty of time to get any oddities worked out. > > > > http://infrastructure.fedoraproject.org/csi/security-policy/en-US/ > > > > -Mike > > > > ___ > > Fedora-infrastructure-list mailing list > > Fedora-infrastructure-list@redhat.com > > https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list > > > > Mike, > This is probably nothing but there is a duplicate rule in your > /etc/sysctl.conf. The line: > > net.ipv4.conf.all.accept_redirects = 0 > > appears twice. > > Frank > > ___ > Fedora-infrastructure-list mailing list > Fedora-infrastructure-list@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list > > > >___ Fedora-infrastructure-list mailing list Fedora-infrastructure-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
Re: Introduction
David Nalley wrote: > Let me first apologize for what will inevitably be a stream of people > introducing themselves for work on setting up Zikula. > > My name is David Nalley, and I am ke4qqq on IRC. Eric (sparks) has > asked me to come work with the Zikula guys on getting things setup on > Fedora's infrastructure. > I work as a mainly Linux sysadmin in Liberty, SC and have done so for > around 6-7 years now. The bulk of my work focusing on RHEL/CentOS 3-5. > > So as far as identifying what I want to work on, Ticket 1155 is I > suppose my first priority, though I did tell Mike I'd volunteer to do > some inventory-type stuff for him. > > I've applied for sysadmin and sysadmin-test for the time being. > > Let me know if there is more needed of me. > I'll sponsor you David. So you, itbegins, and teb seem to be our maintainers for the CMS. I've updated ticket #1155 with the notes for moving forward that we generated in the meeting today. Feel free to contact me if you need any help. -Toshio signature.asc Description: OpenPGP digital signature ___ Fedora-infrastructure-list mailing list Fedora-infrastructure-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
Re: [Fwd: Re: CMS Option: Zikula]
2009/1/29 Toshio Kuratomi : > I sent this to the docs list when they started considering Zikula. Now > that we're setting up a test instance and getting some people on the > infrastructure team to work on it it seems like a good point in time to > forward it here. > > Original Message > Date: Fri, 23 Jan 2009 16:55:03 -0800 > From: Toshio Kuratomi > To: fedora-docs-l...@redhat.com > > Paul W. Frields wrote: >> I think we should also be considering the other major players in the >> CMS game, if there are people available to deploy and maintain them. >> Drupal and Joomla! immediately come to mind, the latter especially >> because it actually has some DocBook XML support. Features aren't >> particularly compelling, though, if we have no one around to help with >> the maintenance. >> > One of the things I didn't know until I did some browsing around their > website is that Zikula started off as PostNuke but that they changed the > name in June. So they are a long term player in the CMS market. > >> None of this has any bearing on the quality of Zikula, which I'm sure >> is excellent. >> > I was impressed by a few of the things I've learned since this morning > :-) The answers to how proactive the security is was a nice change from > the usual thoughts I've seen:: > https://fedoraproject.org/wiki/Zikula_IRC_Chat_Interview#t12:20 > > Here's my naive search of cve.mitre.org for issues reported in 2008. > Note that some people would say to exclude plugins from this but my view > is that we're going to be running plugins as part of our deployment and > we'll want to know if we can expand our capabilities by pulling in > functionality via plugins without compromising security. So knowing > this does a *little* towards understanding whether the Core provides an > API for writing secure plugins and the plugin community is security > minded as well as Core developers. And like I say, this is naive :-) > > 91 Joomla -- Lots of plugins a few in core > 79 Drupal -- Lots of plugins a few in core > 60 Wordpress -- Lots of plugins, a few in core > 53 Mambo --Lots of plugins, at least one in core > 4 zikula + postnuke -- 1 in Core, 3 in plugins That sounds awfully low for Postnuke. Doing a quick google search of postnuke security fixes and just looking at different releases.. there should be about 20 with some amount in core and a lot in plugins. My information about the current state of PostNuke is not good. I am betting that they are doing a lot more for security but a number of 4 problems just was too low for the amount of systems I have had to 'clean' since 2002. -- Stephen J Smoogen. -- BSD/GNU/Linux How far that little candle throws his beams! So shines a good deed in a naughty world. = Shakespeare. "The Merchant of Venice" ___ Fedora-infrastructure-list mailing list Fedora-infrastructure-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
Re: [Fwd: Re: CMS Option: Zikula]
Stephen John Smoogen wrote: > 2009/1/29 Toshio Kuratomi : >> I sent this to the docs list when they started considering Zikula. Now >> that we're setting up a test instance and getting some people on the >> infrastructure team to work on it it seems like a good point in time to >> forward it here. >> >> Original Message >> Date: Fri, 23 Jan 2009 16:55:03 -0800 >> From: Toshio Kuratomi >> To: fedora-docs-l...@redhat.com >> >> Paul W. Frields wrote: >>> I think we should also be considering the other major players in the >>> CMS game, if there are people available to deploy and maintain them. >>> Drupal and Joomla! immediately come to mind, the latter especially >>> because it actually has some DocBook XML support. Features aren't >>> particularly compelling, though, if we have no one around to help with >>> the maintenance. >>> >> One of the things I didn't know until I did some browsing around their >> website is that Zikula started off as PostNuke but that they changed the >> name in June. So they are a long term player in the CMS market. >> >>> None of this has any bearing on the quality of Zikula, which I'm sure >>> is excellent. >>> >> I was impressed by a few of the things I've learned since this morning >> :-) The answers to how proactive the security is was a nice change from >> the usual thoughts I've seen:: >> https://fedoraproject.org/wiki/Zikula_IRC_Chat_Interview#t12:20 >> >> Here's my naive search of cve.mitre.org for issues reported in 2008. >> Note that some people would say to exclude plugins from this but my view >> is that we're going to be running plugins as part of our deployment and >> we'll want to know if we can expand our capabilities by pulling in >> functionality via plugins without compromising security. So knowing >> this does a *little* towards understanding whether the Core provides an >> API for writing secure plugins and the plugin community is security >> minded as well as Core developers. And like I say, this is naive :-) >> >> 91 Joomla -- Lots of plugins a few in core >> 79 Drupal -- Lots of plugins a few in core >> 60 Wordpress -- Lots of plugins, a few in core >> 53 Mambo --Lots of plugins, at least one in core >> 4 zikula + postnuke -- 1 in Core, 3 in plugins > > That sounds awfully low for Postnuke. Doing a quick google search of > postnuke security fixes and just looking at different releases.. there > should be about 20 with some amount in core and a lot in plugins. My > information about the current state of PostNuke is not good. I am > betting that they are doing a lot more for security but a number of 4 > problems just was too low for the amount of systems I have had to > 'clean' since 2002. > Is that 20 for 2008? -Toshio signature.asc Description: OpenPGP digital signature ___ Fedora-infrastructure-list mailing list Fedora-infrastructure-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
Re: [Fwd: Re: CMS Option: Zikula]
On Thu, 29 Jan 2009, Stephen John Smoogen wrote: > > That sounds awfully low for Postnuke. Doing a quick google search of > postnuke security fixes and just looking at different releases.. there > should be about 20 with some amount in core and a lot in plugins. My > information about the current state of PostNuke is not good. I am > betting that they are doing a lot more for security but a number of 4 > problems just was too low for the amount of systems I have had to > 'clean' since 2002. > > :( We haven't even installed it yet and the honeymoon is over? Just curious, what kind of problems did you have? Script kiddies or targeted attacks? We have options with mod_security as well. I do want to make sure we have ourselves covered. -Mike ___ Fedora-infrastructure-list mailing list Fedora-infrastructure-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
Re: Introduction Teb (Zikula / Documentation project)
Teb (Zikula NL) wrote: Hi all, I have just subscribed to both the fedora-infrastructure-list and the fedora-docs-list to keep you (and myself) updated about the documentation project. Hello Arjen, good to hear we have another Dutchman on board ;-) Welkom! Kind regards, Jeroen van Meeuwen -the Other Dutchman ___ Fedora-infrastructure-list mailing list Fedora-infrastructure-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
